Vulnerabilities (CVE)

Filtered by vendor Oxid Subscribe
Filtered by product Eshop
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-2266 1 Oxid 1 Eshop 2024-02-04 5.0 MEDIUM N/A
OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote attackers to obtain sensitive information (session details and order history of other users) via a crafted cookie.
CVE-2009-3113 1 Oxid 1 Eshop 2024-02-04 5.0 MEDIUM N/A
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parameter.